Apple OS X more vulnerable than Vista?

Â…but not necessarily less secure

By Tom Espiner, 20 December 2007 11:13

NEWS

Apple Mac operating systems had more critical vulnerabilities reported in 2007 than Microsoft's operating systems, according to research.

George Ou, a writer for silicon.com sister site ZDNet.com, analysed in-depth statistics from security research company Secunia as a basis for his research. He found Apple's latest operating system, Mac OS X, faced more critical flaws than Windows XP and Vista combined.

While Mac OS X had 234 highly critical vulnerabilities reported in 2007, Vista and XP combined had 23, Ou wrote.

Ou wrote: "This shows that Apple had more than five times the number of flaws per month than Windows XP and Vista in 2007 and most of these flaws are serious. Clearly this goes against conventional wisdom."

Macs have traditionally been viewed as suffering from fewer vulnerabilities than Windows.

Ou made the comparison as an indicator of how many vulnerabilities might exist in 2008, rather than a comparison of the relative security of the operating systems. He said that security had improved with both Windows Vista and Mac OS X Leopard (version 10.5) this year.

Some experts have said that counting vulnerabilities is not necessarily reliable as a measure of security.

Tristan Nitot, president of Mozilla Europe, said it was more important to take into account the time it takes to patch vulnerabilities.

The amount of exploit code available in the wild also has an impact on security. While there are thousands of pieces of code that seek to exploit Windows XP vulnerabilities, exploit code for Mac OS X is relatively rare.

Tom Espiner writes for ZDNet.co.uk

Comments

There are 5 comments. Join the discussion

  1. 1. anonymous

    FUD.... show me one person's system on OS X that's been exploited. I'm not talking proof-of-concept... I'm talking actual exploit.

  2. 2. Tom B

    They are basically playing with statistics here. Finding theoretical "vulnerabilities" does NOT mean anybody would be able to exploit them in the real world. In many of these cases, you have to do multiple stupid things to even have a chance of running into trouble. In contrast, we have plenty of real world experience with XP and Vista viruses; this is clear. The writer, Mr. Ou, has an agenda, I suspect.

  3. 3. Windows User

    Mr Anonomous from the USA, have you actually read the article, yes there have been more updates of OS X but where does it state that it is less secure.

    "Apple OS X more vulnerable than Vista?

    …but not necessarily less secure"

    does this headline say anything about OS X being less secure???

  4. 4. Michael Fischer

    Ou is simply being deceptive ... he did the same thing last spring ... he counted flaws in open source software that accompanies OSX, such as Perl. In many cases, such as Perl, the same fault was counted multiple times. (e.g. any one instance of OSX could only have one of five of the flaws listed).

    There are some actual flaws in the operating system itself, but these are buried under a mound of mostly irrelevant flaws with respect to how users of OSX use OSX. Virtually all are unexploitable by a network attack. Most are difficult from an unprivileged account on the machine itself, and there is little or no exploit code for these.

  5. 5. anonymous

    I searched on the same Secunia site and found they reported 113 possible issues for Mac OS over 5 years, of wich only 7 possibly "critical", none of them ever exploited.
    Where did he find these "234 critical flaws in 2007" ???
    Some journalist ...

Post your comment

In order to post a comment you need to be registered and logged in.

Log in or create your silicon.com account below

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ